﻿namespace Standards.Web.Attributes
{
    using System.Web;
    using System.Web.Mvc;

    using Standards.Data;
    using Standards.Data.EntityFramework;
    using Standards.Services.Services;
    using Standards.Model.Models;

    public class HasPermissionAttribute : AuthorizeAttribute
    {
        private readonly IPermissionsService permissionsService;

        private readonly Permission permission;        

        public HasPermissionAttribute(Permission permission)
        {
            // TODO: dependencty injection
            this.permissionsService = new PermissionsService(new StandardsUnitOfWorkFactory());
            this.permission = permission;
        }

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            return this.permissionsService.HasPermission(httpContext.User.Identity.Name, this.permission);
        }
    }
}